One consistent pain has always been resizing a filesystem without rebooting on Linux. Thank fully in recent years, this has changed with filesystems like BTRFS – where you can do something like the following….
If you’re running low of memory on a server, there may be scope to free up memory through use of ‘ksm‘. (Note, that the kernel will start looking for memory to de-duplicate if KSM is turned on AND there are some processes running which have notified the kernel that they’re candidates; ‘kvm’ does the latter.) […]
Historically we had a ‘normal’ pxe boot server in the office (DHCP server points to a TFTP server and specified a pxelinux file to load) from which we could choose to install various distributions. The only problem with this is that it was initially limited to the a specific release/version of Debian/Ubuntu (as we’d just […]
Using something like munin it’s trivial to create a graph plotting trends – and assists in answering questions like : Why is the website on server X feeling slow today? Are we receiving significantly more hits/email/whatever than normal? How effective is the new mail server? When are we likely to run out of disk space? […]
To help aid security for SSH connections, you can publish ‘SSHFP’ records in DNS which contain a fingerprint of a server’s ssh host key. If DNSSEC is in use throughout the DNS hierarchy then it ought to provide a trusted way of verifying remote hosts when no record already exists in your ~/.ssh/known_hosts file. To […]
A short howto for configuring a two node highly available server cluster. This will be an active-standby configuration whereby a local filesystem is mirrored to the standby server in real time (by DRBD). The article below shows how to configure the underlying components (DRBD, setup a filesystem to go on top, setup DRBDLinks) with a […]
Dear other web developers …. if you’re going to add a cron job to a (web) server, please make sure any output is sent to a valid email address (or log file) which is monitored….
Some time ago, we upgraded a customer’s Debian Lenny Linux server from running a 2.6.26 based kernel to use a 3.2 kernel. It hosts a relatively popular website, and the performance optimisations in the 3.2 kernel (particularly around TCP slow start) have made a big difference to page load times (for more information see this […]
If you’re having spam trouble with qmail based Linux servers (in our customer’s case – Plesk based) then perhaps you need to look at using SpamDyke Installation is pretty easy – wget http://www.spamdyke.org/releases/spamdyke-4.3.0.tgz tar -zxf spamdyke-4.3.0 cd spamdyke-4.3.0/spamdyke ./configure make && cp spamdyke /usr/local/bin Then, assuming qmail is running through xinetd – edit /etc/xinetd.d/smtp_psa to look like […]
Using Google’s Authenticator, we can change a Debian Linux host to make it require two factor authentication for remote users (or selected users based on name/ip address) as follows.